示例#1
文件: Recover.php 项目: visapi/amun
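 /**
  * Handles the account-recovery form.
  *
  * Reads the submitted email and captcha, looks the account up by its
  * salted identity hash, stores a fresh recovery token on the account,
  * switches it to the RECOVER status and mails the reset link to the
  * address stored on the account.
  *
  * Every failure is raised as an Exception inside the method and ends up in
  * the template variable "error"; success sets the template variable
  * "success" to true.
  *
  * NOTE(review): "Account does not exist", "Account has an invalid status"
  * and "No public email address is set for this account" are shown to an
  * unauthenticated caller and reveal whether an address is registered.
  * Consider one generic outcome for all three and logging the detail
  * server-side.
  *
  * @return void
  */
 public function onPost()
 {
     try {
         $email = $this->post->email('string', array(new Filter\Length(3, 64), new Filter\Email()));
         $captcha = $this->post->captcha('string');

         // The captcha is verified on every request, before the field
         // validation result is consulted.
         $captchaProvider = Captcha::factory($this->config['amun_captcha']);
         if (!$captchaProvider->verify($captcha)) {
             throw new Exception('Invalid captcha');
         }

         if ($this->validate->hasError()) {
             throw new Exception($this->validate->getLastError());
         }

         $handler = $this->getHandler('AmunService\\User\\Account');
         // Accounts are keyed by sha1(salt . email), not by the raw address.
         $account = $handler->getOneByIdentity(sha1($this->config['amun_salt'] . $email), array('id', 'name', 'status', 'email'), Sql::FETCH_OBJECT);

         if (!($account instanceof Account\Record)) {
             throw new Exception('Account does not exist');
         }

         // Only NORMAL and ADMINISTRATOR accounts may start a recovery. Once the
         // status below is RECOVER, a second request is rejected here until the
         // status changes again.
         // Loose in_array() is kept: the type of $account->status as loaded with
         // FETCH_OBJECT is not visible from this method.
         if (!in_array($account->status, array(Account\Record::NORMAL, Account\Record::ADMINISTRATOR))) {
             throw new Exception('Account has an invalid status');
         }

         if (empty($account->email)) {
             throw new Exception('No public email address is set for this account');
         }

         // NOTE(review): confirm Security::generateToken() draws from a CSPRNG.
         // No expiry is stored next to the token in this method; confirm the
         // token is time-limited elsewhere.
         $token = Security::generateToken();
         $date = new DateTime('NOW', $this->registry['core.default_timezone']);

         // Persist the recovery state before the mail goes out.
         // NOTE(review): any caller who passes the captcha can move an account
         // into RECOVER; confirm the owner can still log in while it is in that
         // state, and what happens to the account if the mail below fails.
         $account->setStatus(Account\Record::RECOVER);
         $account->setToken($token);
         $handler->update($account);

         // The unused $link local ('/login/resetPw?token=...') was dropped: it
         // was never read and pointed at a different path than the link that is
         // actually mailed below.
         $values = array(
             'account.name' => $account->name,
             'host.name' => $this->base->getHost(),
             // REMOTE_ADDR is the directly connected peer; behind a reverse
             // proxy this is the proxy's address.
             'recover.ip' => $_SERVER['REMOTE_ADDR'],
             'recover.link' => $this->page->getUrl() . '/resetPw?token=' . $token,
             'recover.date' => $date->format($this->registry['core.format_date']),
         );
         $mail = new Mail($this->registry);
         $mail->send('LOGIN_RECOVER', $account->email, $values);

         $this->template->assign('success', true);
     } catch (\Exception $e) {
         $this->template->assign('error', $e->getMessage());
     }
 }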
示例#2
文件: ResetPw.php 项目: visapi/amun
 /**
  * Completes a password recovery from the link mailed to the user.
  *
  * Reads the 40-character hexadecimal token from the query string, loads
  * the matching account, checks that the request comes from the IP stored
  * on the account, sets a newly generated password, returns the account to
  * the NORMAL status and mails the new password to the account's address.
  *
  * Failures are raised as Exceptions inside the method and reported through
  * the template variable "error"; success sets "success" to true.
  *
  * NOTE(review): this is a state-changing GET. Anything that fetches the
  * mailed URL from the matching IP resets the password; consider a POST
  * confirmation step.
  * NOTE(review): the new password travels in cleartext mail ('account.pw').
  * A token-protected form where the user picks the password would avoid
  * that.
  *
  * @return void
  */
 public function onGet()
 {
     try {
         $token = $this->get->token('string', array(new Filter\Length(40, 40), new Filter\Xdigit()));
         if ($token === false) {
             throw new Exception('Token not set');
         }

         $handler = $this->getHandler('AmunService\\User\\Account');
         $account = $handler->getRecoverByToken($token);
         if (!($account instanceof Account\Record)) {
             throw new Exception('Invalid token');
         }

         if (empty($account->email)) {
             throw new Exception('No public email address is set for this account');
         }

         // Loose comparison, as in the original. Where $account->ip is written
         // is not visible here; presumably it is the requester's address
         // recorded at recovery time. TODO confirm.
         if ($_SERVER['REMOTE_ADDR'] != $account->ip) {
             throw new Exception('Recover process was requested from another IP');
         }

         $security = new Security($this->registry);
         $newPw = $security->generatePw();
         $now = new DateTime('NOW', $this->registry['core.default_timezone']);

         // NOTE(review): the token is not cleared here. Whether it can be
         // replayed depends on getRecoverByToken() filtering on the RECOVER
         // status; confirm. Hashing presumably happens inside setPw(); verify.
         $account->setStatus(Account\Record::NORMAL);
         $account->setPw($newPw);
         $handler->update($account);

         // Tell the user about the new password.
         $mailValues = array(
             'account.name' => $account->name,
             'account.pw' => $newPw,
             'host.name' => $this->base->getHost(),
             'recover.link' => $this->page->getUrl(),
             'recover.date' => $now->format($this->registry['core.format_date']),
         );
         $mailer = new Mail($this->registry);
         $mailer->send('LOGIN_RECOVER_SUCCESS', $account->email, $mailValues);

         $this->template->assign('success', true);
     } catch (\Exception $e) {
         $this->template->assign('error', $e->getMessage());
     }
 }
示例#3
文件: Register.php 项目: visapi/amun
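 /**
  * Handles the registration form.
  *
  * Validates the submitted fields, checks that registration is enabled,
  * that both password fields match and that the captcha is valid, creates
  * the account in the NOT_ACTIVATED status and mails the activation link to
  * the submitted address.
  *
  * Failures are raised as Exceptions inside the method; the catch block
  * re-populates the form fields "name" and "identity" (HTML-escaped) and
  * sets the template variable "error". Success sets "success" to true.
  *
  * @return void
  */
 public function onPost()
 {
     // Defined up front so the catch block never reads an unset variable when
     // an exception is thrown before both fields have been read.
     $name = '';
     $identity = '';

     try {
         $name = $this->post->name('string', array(new Filter\Length(3, 32)), 'name', 'Name');
         $identity = $this->post->identity('string', array(new Filter\Length(3, 128), new Filter\Email()), 'email', 'Email');
         // NOTE(review): no length or strength filter is applied to the password
         // here; confirm a policy is enforced elsewhere and that setPw() hashes.
         $pw = $this->post->pw('string');
         $pwRepeat = $this->post->pwRepeat('string');
         $longitude = $this->post->longitude('float');
         $latitude = $this->post->latitude('float');
         $captcha = $this->post->captcha('string');

         if ($this->validate->hasError()) {
             throw new Exception($this->validate->getLastError());
         }

         // check whether registration is enabled
         if (!$this->registry['login.registration_enabled']) {
             throw new Exception('Registration is disabled');
         }

         // both password fields must match
         if (strcmp($pw, $pwRepeat) != 0) {
             throw new Exception('Password ist not the same');
         }

         // The captcha is verified on every request that reaches this point.
         $captchaProvider = Captcha::factory($this->config['amun_captcha']);
         if (!$captchaProvider->verify($captcha)) {
             throw new Exception('Invalid captcha');
         }

         // create account record
         $handler = $this->getHandler('AmunService\\User\\Account');
         $account = $handler->getRecord();
         $account->setGroupId($this->registry['core.default_user_group']);
         $account->setStatus(Account\Record::NOT_ACTIVATED);
         $account->setIdentity($identity);
         $account->setName($name);
         $account->setPw($pw);
         $account->setLongitude($longitude);
         $account->setLatitude($latitude);
         $account = $handler->create($account);

         // A record without an id is reported through the error channel with
         // the "added for approval" message, exactly as before.
         if (!isset($account->id)) {
             throw new Exception('Your account was added for approval');
         }

         // send activation mail; the token comes from the created record
         $date = new DateTime('NOW', $this->registry['core.default_timezone']);
         $values = array(
             'account.name' => $account->name,
             'account.identity' => $identity,
             'host.name' => $this->base->getHost(),
             'register.link' => $this->page->getUrl() . '/register/activate?token=' . $account->token,
             'register.date' => $date->format($this->registry['core.format_date']),
         );
         $mail = new Mail($this->registry);
         $mail->send('LOGIN_REGISTRATION', $identity, $values);

         $this->template->assign('success', true);
     } catch (\Exception $e) {
         // ENT_QUOTES also escapes single quotes, so the echoed values stay
         // inert inside either kind of quoted attribute. The cast keeps a
         // false/null filter result from reaching htmlspecialchars().
         $this->template->assign('name', htmlspecialchars((string) $name, ENT_QUOTES));
         $this->template->assign('identity', htmlspecialchars((string) $identity, ENT_QUOTES));
         // NOTE(review): the message is assigned unescaped; confirm the template
         // escapes it, since getLastError() content is not visible from here.
         $this->template->assign('error', $e->getMessage());
     }
 }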